The current authentication methods lack the support for modern authentication methods in systems integration, for example, OAuth or API Keys. Currently, the system supports only plain text or Basic Auth with Base64 encoding, and security mainly relies on communication on the HTTPS layer.
The Auth Provider component runs within the App Servers and provides additional authentication options. Currently, the Basic Auth with Base64 encoding and API Keys are supported. The support for OAuth and the ability to provide encrypted data transmission are under consideration for future releases.
An API Consumer can utilise API Keys to authenticate while connecting to TRIRIGA and will have the same underlying usability. However, the API Key is more secure and encrypted, hence, hard to decipher compared to the Base64 string.